The ECB Penguin

This is an image that has become kind of a cultural icon in the cryptography and InfoSec community. I'm speaking about "the penguin", a picture of the Tux Linux mascot encrypted with a block cipher in ECB mode that still clearly shows the outline of the original.

.@solardiz@ErrataRob ECB mode strikes again, I see. It's hard to believe there's anyone left who hasn't seen the penguin.

ECB

You have a cipher that, given a key, will encrypt 16 bytes of data. And you have some data that is more than 16 bytes. So you have a problem. Well, ECB is the wrong solution to that problem: you just encrypt each 16-byte block separately.

Why is it wrong? Because this way, blocks that were equal before encryption will still be equal after it! And this leads to all kinds of unwanted consequences.

Nothing more is known about the original. I wrote an email to the author, and I will update the blog post if he replies.

My take on it

The picture is amazing, but rather low quality even for a screen, let alone for printing. So I decided to generate my own.

The first thing needed was an image format in which the pixels are represented sequentially as plain bytes, without any compression, and possibly with a simple header. The perfect candidate turned out to be the PPM binary format, part of the Netpbm spec. (It is basically just an ASCII header followed by a sequence of 3-byte RGB representations of the pixels.)

Here is the process:

# First convert the Tux to PPM with Gimp
# Then take the header apart
head -n 4 Tux.ppm > header.txt
tail -n +5 Tux.ppm > body.bin
# Then encrypt with ECB (experiment with some different keys)
openssl enc -aes-128-ecb -nosalt -pass pass:"ANNA" -in body.bin -out body.ecb.bin
# And finally put the result together and convert to some better format with Gimp
cat header.txt body.ecb.bin > Tux.ecb.ppm

And the result! Prints are on sale; it makes for a great nerdy office decoration, much like "Crypto Safety Procedures"!
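
To see the leak as numbers rather than as a picture, the added example below (not part of the original post) repeats the same header/body split on a constructed 64x64 PPM and counts the distinct 16-byte blocks before and after encryption. The CBC run is a comparison the post itself does not make, and the function names and the test image are assumptions made for illustration.

```shell
#!/bin/sh
export LC_ALL=C   # treat everything as raw bytes in tr and sort

# Constructed input: a 64x64 white image with a black square, written as binary
# PPM with a comment line so the header is 4 lines, like the GIMP export above.
make_ppm() {
    {
        printf 'P6\n# constructed test image\n64 64\n255\n'
        row=0
        while [ "$row" -lt 64 ]; do
            if [ "$row" -ge 16 ] && [ "$row" -lt 48 ]; then
                head -c 48 /dev/zero | tr '\0' '\377'    # 16 white pixels
                head -c 96 /dev/zero                     # 32 black pixels
                head -c 48 /dev/zero | tr '\0' '\377'    # 16 white pixels
            else
                head -c 192 /dev/zero | tr '\0' '\377'   # 64 white pixels
            fi
            row=$((row + 1))
        done
    } > "$1"
}

# Encrypt only the pixel data and put the cleartext header back in front.
# $1 = cipher (aes-128-ecb or aes-128-cbc), $2 = input PPM, $3 = output PPM
encrypt_ppm() {
    head -n 4 "$2" > "$3"
    tail -n +5 "$2" | openssl enc "-$1" -nosalt -pass pass:"ANNA" >> "$3"
}

# Number of distinct 16-byte blocks in the pixel data of a PPM.
# od prints 16 bytes per line by default; -v stops it collapsing repeats.
distinct_blocks() {
    tail -n +5 "$1" | od -An -v -tx1 | sort -u | wc -l | tr -d ' '
}

dir=$(mktemp -d)
make_ppm "$dir/img.ppm"
encrypt_ppm aes-128-ecb "$dir/img.ppm" "$dir/img.ecb.ppm"
encrypt_ppm aes-128-cbc "$dir/img.ppm" "$dir/img.cbc.ppm"
for f in img.ppm img.ecb.ppm img.cbc.ppm; do
    echo "$f: $(distinct_blocks "$dir/$f") distinct 16-byte blocks"
done
rm -rf "$dir"
```

On this input the plaintext has 2 distinct blocks, the ECB output has 3 (the extra one is the padding block openssl appends), and the CBC output has 769, one per block.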